Skip to content

Commit f315967

Browse files
maximthomasmaximthomas
committed
CVE-2025-64718: js-yaml has prototype pollution in merge (<<)
1 parent eea0831 commit f315967

File tree

3 files changed

+16
-8
lines changed

3 files changed

+16
-8
lines changed

openam-ui/openam-ui-api/package-lock.json

Lines changed: 4 additions & 3 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

openam-ui/openam-ui-ria/package-lock.json

Lines changed: 5 additions & 3 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

openam-ui/openam-ui-ria/package.json

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -50,15 +50,20 @@
5050
"rimraf": "2.5.4",
5151
"sinon": "1.17.6",
5252
"sinon-chai": "2.8.0",
53-
"ajv": "^8.16.0"
53+
"ajv": "^8.16.0",
54+
"js-yaml": "^3.14.2"
5455
},
5556
"overrides": {
5657
"mocha": {
5758
"flat": "5.0.2"
5859
},
5960
"eslint": {
6061
"shelljs": "^0.8.5",
61-
"ajv": "$ajv"
62+
"ajv": "$ajv",
63+
"js-yaml": "$js-yaml"
64+
},
65+
"grunt": {
66+
"js-yaml": "$js-yaml"
6267
}
6368
}
6469
}

0 commit comments

Comments
 (0)